Good E2EE messengers besides Signal?

Linux

IcyScroll Correct. Right now its possible to mitigate this concern by sharing per-profile address with your contacts. This link will likely depend on a different server than the one used for receiving messages. This is not foolproof as your contact would have to manually use your address after noticing the failure. There's also a possibility that you would change the address after a server used by your contact (to receive messages from you) had been shut down, rendering them unable to contact you, as the last address that was shared with them would be obsolete.

So the approach is to make 2 connection per conntact, 1 via one time link and one via per profile link?

IcyScroll Having a secure fallback for digital communication is always a good idea. Session might actually be somewhat helpful for this, due to its simple account creation process and no PII needed. However, it's worth noting that Session is nowhere near SimpleX in terms of privacy and security, as its cryptography is far worse than Signal's, to say the least.
Technically even an e-mail address is enough for this, depending on your threat model, of course.

Is there a better option then Session, as a backup to SimpleX, that allows for MITM resistant messaging?
The problem I have with most other solutions like Matrix or XMPP, is that you need to put a lot of trust in the server.
Mainly because at the moment, their is no option to link directly with public keys or at least view the public key of a contact (to verify against a post of this public key on another platform).

I very much appreciate that SimpleX is by default MITM resistant because its places the public key inside the sharing link.

Sevv

Linux session doesn't have port forward secrecy.

IcyScroll

Linux So the approach is to make 2 connection per conntact, 1 via one time link and one via per profile link?

You can connect however you prefer. What's important is sharing your SimpleX address with all your contacts, if you want them able to connect to you again in case something goes wrong in the future.

As for the redundancy approach, you'd have to either create a second SimpleX profile or connect incognito. That's because only one connection to the same contact seems to be possible at the moment. Any additional attempt within the same profile causes existing conversation to be opened.

Linux Is there a better option then Session, as a backup to SimpleX, that allows for MITM resistant messaging?

Anything will do as long as you perform key verification with your contacts. You could even use Tuta, which seems to have rolled out this feature recently. I believe you would be better of using it instead of Session. Tuta plans to implement PFS, Session has stripped it a long time ago.

So in summary, I think these options are good when it comes to addressing the availability concern. Sorted from most to least secure against MITM attacks:

Multiple SimpleX Chat connections and/or sharing your profile's address.
A separate solution with key verification (Signal, Tuta, Briar, Matrix/XMPP, Session, etc.)
Using any traditional e-mail service for sending new SimpleX links in case your existing chats stop working.

Thomas_Classic

You could also use Molly. Which I'd a more hardened version of signal. Personally it all just depends on your threat model and what you are trying to hide from

Onlyfun

JollyRancher with all respect, I won't comment on political related part of you reply to keep up with forum's code.

While I agree with your approach to threat modeling, I believe simplex to be a superior choice vs other apps you listed. Not requiring a phone number is big, but it goes way further allowing a separate personality for every new chat to compartmentalize communications as much as you want. Let alone other dings bells e. g. more detailed setup of group chats and etc.

Ilgar

DeletedUser495 basically what I meant is “Make Molly’s UnifiedPush receiver directBootAware, store whatever it needs in Device Encrypted (DE) storage, so it can show notifications BFU (before first unlock).”

schweizer

Ilgar I do not understand why anyone would have a sophisticated privacy phone and then want BFU notifications. You can as well disable device encryption and display lock. You gain usability for the sake of security.

Linux

IcyScroll You can connect however you prefer. What's important is sharing your SimpleX address with all your contacts, if you want them able to connect to you again in case something goes wrong in the future.

But isn't the long term link also bound to a specific server?
It also starts with smp[number of a server]

IcyScroll Anything will do as long as you perform key verification with your contacts. You could even use Tuta, which seems to have rolled out this feature recently. I believe you would be better of using it instead of Session. Tuta plans to implement PFS, Session has stripped it a long time ago.

Can I get a public key from Tuta that then can be used for everyone messaging me to verify the connection, without me doing anything additionally?

IcyScroll A separate solution with key verification (Signal, Tuta, Briar, Matrix/XMPP, Session, etc.)

The problem with Signal, (probably) Tuta, Matrix/XMPP is that they all lak an option to verify against a stable public key that can be send/posted one time and then be used by everyone who want to verify the connection.
SimpleX and Session have a public key in the link/ID.

Ilgar

schweizer https://discuss.grapheneos.org/d/37-mollyim/158

DeletedUser499

schweizer I do not understand why anyone would have a sophisticated privacy phone and then want BFU notifications.

Because, BFU is a "thing", so they want it... Whatever it is!
but now it gets in the way of their really important notification that their Bluetooth kettle has just boiled.

IcyScroll

Linux But isn't the long term link also bound to a specific server?
It also starts with smp[number of a server]

Yes, it probably is. I only offered my advice as a mitigation until SXC is improved in this regard. If one does what I wrote earlier, they should end up with quite a robust solution, as far as availability is concerned.
In a nutshell:

Check what servers you and your contact uses to send/receive messages
Check what server your SimpleX Address depends on
If your contact uses the same server, either rotate it for this contact or change your address.
Optionally: you could try to make the address use a third party server. This would decentralize the availability risk even further. You could also have multiple addresses by creating many profiles. Those could then be sent to each contact as a non-disappearing message.

Linux Can I get a public key from Tuta that then can be used for everyone messaging me to verify the connection, without me doing anything additionally?

I don't know.

Linux The problem with Signal, (probably) Tuta, Matrix/XMPP is that they all lak an option to verify against a stable public key that can be send/posted one time and then be used by everyone who want to verify the connection.

That may be true. That's why I suggest using a SimpleX Address for this. While not bulletproof, it's really straightforward to set up.

HomerJay

Linux It's very hard to convince people to use another messenger. There are some good messengers but you need something your contacts are willing to use.
There is Signal (Molly) and there is Threema. The best technical solution will not help you if it is not possible for other people to get it in the store & set it up within two minutes.
I switched to Threema.

Linux

HomerJay Linux It's very hard to convince people to use another messenger. There are some good messengers but you need something your contacts are willing to use.
There is Signal (Molly) and there is Threema. The best technical solution will not help you if it is not possible for other people to get it in the store & set it up within two minutes.
I switched to Threema.

You need to convince them anyway so I don't consider this a point for most messengers.
(Maybe a point against Threema because its cost money and is therefore harder to bring it to people

HomerJay

Linux I don' think so. It has to be a messenger which

has the same functions and usability
has the possibility of having other contacts
can be managed bei every user himself, including backups etc.
The money was at least in my case never the Problem.
A lot oft people do understand if you tell them "It's money or data - you decide how to pay". Besides paying a beer in return often helps :).

DeletedUser499

Linux (Maybe a point against Threema because its cost money and is therefore harder to bring it to people

I found once my contacts were "in" it was quickly realised it was an excellent messenger. I gave away several codes to my contacts to get them "in".
I bought ten codes for cash from the Threema store, every one that used a code is incognito/untraceable, unlike other messengers I could mention.

Ilgar

DeletedUser499 I know what is bfu and de/ce storages. and bfu notifications is only thing that stays between me and full-time bfu device usage with 60 or even 30 minutes auto-reboot (though, bfu vpn would be nice too, but sacrifice of metadata privacy, only when on lte, for bfu security, seems to me is justified, cos wifi has vpn)

for your information: > We’ll provide the option to self-host a Molly server next year. there is a way to deliver BFU notifications.

p.s. I don't use bluetooth

Linux

IcyScroll Yes, it probably is. I only offered my advice as a mitigation until SXC is improved in this regard. If one does what I wrote earlier, they should end up with quite a robust solution, as far as availability is concerned.
In a nutshell:

Check what servers you and your contact uses to send/receive messages
Check what server your SimpleX Address depends on
If your contact uses the same server, either rotate it for this contact or change your address.
Optionally: you could try to make the address use a third party server. This would decentralize the availability risk even further. You could also have multiple addresses by creating many profiles. Those could then be sent to each contact as a non-disappearing message.

In the further things will get better.
But in the meantime I don't think that different smp servers solve this when they are all hosted by two organizations.
So I would use another messenger liek Session.

Ilgar I know what is bfu and de/ce storages. and bfu notifications is only thing that stays between me and full-time bfu device usage with 60 or even 30 minutes auto-reboot (though, bfu vpn would be nice too, but sacrifice of metadata privacy, only when on lte, for bfu security, seems to me is justified, cos wifi has vpn)

How can the phone be fully operational without the data encryption key being present?

Eumenia

Eirikr70 The best one for me is the one I can host and is E2EE. I have no second choice.

Isn't almost any of this messengers self hostable?

Ilgar

Linux that's quote from molly dev, and that would be amazing when they bring it to production.

We’ll provide the option to self-host a Molly server next year. there is a way to deliver BFU notifications.

« Previous Page